Christoph Zwerschke wrote:
> Geoffrey Talvola wrote:
>> I think the original reason for loginid was: suppose someone logs
>> in, then leaves their browser open for a while. Their session
>> expires. Now suppose someone else comes up to the browser, uses the
>> Back button to go back to the login screen, and then presses Forward
>> to re-post the username and password. The loginid is supposed to
>> prevent this from working.
A common scenario where things can get posted more than once is if the user
uses the Back button to go back to a page that was a result of a post, and
then presses the Refresh button. The browser will put up a popup offering
to re-post the variables. If you don't want that to happen, you can have
the servlet that handles the post do a redirect. This seems to prevent the
browser from ever re-posting the form -- instead, pressing the Refresh
button will re-get the page that was redirected to.
> Ok. There are other scenarios as well where you want things to happen
> only one time (for instance, database transactions). I wonder whether
> Webware could provide some methods to do this transparently so you
> don't have to invent and code this kind of things again and again.
Seems like a good idea.